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METHOD OF, AND APPARATUS FOR, CONDUCTING ELECTRONIC 

TRANSACTIONS 



Technical Field 

5 This invention relates to a method of, and apparatus for, conducting electronic 
transactions and more particularly, but not exclusively, to a method of and apparatus for 
conducting secure electronic transactions over a telephone network, such as a cellular 
telephone network. 

10 Background Art 

The use of telephones to conduct electronic financial transactions is well known in the 
art. Most commonly, Duel-Tone Multi-Frequency (DTMF) communication protocols of 
telephones are used to provide customers with access to banking services. This type of 
facility is only available to customers of a particular financial institution. Thus, only a 

15 closed system is available and customers have to link third party accounts to their 
financial institutions, to, for example, transfer funds to third party accounts. 

The linking of third party accounts provides security in that customers do not have to. 
manually enter third party account numbers every time a third party account is paid. 
20 Incorrect entry of account numbers is avoided by linking third party accounts to a 
customer's financial institution. This Unking process is cumbersome and limiting for 
customers and financial institutions and only linked accounts can be paid by customers. 



25 Telephonic banking further provides for the purchase of goods or services by quoting a 
credit card number. In this case the credit card is not physically available to a merchant 
to read the card magnetically or to make a manual print or copy and this creates a 
difficulty from a security and authorisation perspective. With credit card transactions, the 
customer's financial institution pays the merchant or third party and accepts at least 



BNSDOCtD: <WO 0O31699A1J_> 



WO 00/31699 PCT/1B99/01844 



partial liability in the case that the customer does not pay their credit card account. This 
type of transaction is also commonly used to purchase goods on the Internet Pre-paid 
cellular airtime can also be purchased over a cellular telephone by providing a credit card 
number. Goods and services purchased are limited to those provided by a cellular service 
5 provider or those available on the Internet and, as stated above, a difficulty arises in that 
the financial institution incurs liability for payment. 

Automatic Teller Machines (ATM's) provide a means for secure electronic banking. At 
an ATM, a card reader reads a bank card and a secret Personal Identification Number 

1 0 (PIN) is provided by a customer to authorise the transaction. Transaction messages are 
sent to switches or directly to banks or other financial institutions. These transaction 
messages are encrypted at a security level that is acceptable to financial institutions. 
ATMs are not readily accessible and are installed in fixed locations. Customers are also 
restricted at an ATM in that they cannot pay accounts which are not linked to their 

1 5 banking profile. 

Objective of the Invention 

It is an object of this invention to provide a method of, and apparatus for, conducting 
electronic transactions which, at least partially, alleviates some of the abovementioned 
20 difficulties. 

Disclosure of the Invention 

In accordance with this invention there is provided a method of conducting electronic 
transactions comprising the steps of: 
25 storing an encryption key in a memory means of a mobile telephone; 

selecting a financial transaction with the mobile telephone from a number of available 
financial transactions; 
providing transaction information; 

generating a transaction message from the selected financial transaction and transaction 
30 information; 
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encrypting at least part of the transaction message; 

transmitting the transaction message from the mobile telephone, over a wireless network. 

A further feature of the invention provides for the transaction message to be transmitted 
5 from the mobile telephone to a receiving station such as a bank or a switch. 

A still further feature of the invention provides for the mobile telephone to be a cellular 
telephone or a satellite telephone. 

1 0 There is also provided for the transaction information to include at least one bank account 
number or bank card number and an associated PIN. 

Further features of the invention provide for the transaction message to include 
information relating to the selected transaction, a bank account number or bank card 
1 5 number and the PIN; for at least the PIN to be encrypted; and for the transaction message 
to include error check information to facilitate the authentication of the mobile telephone 
or SIM card at the receiving station and to facilitate the validation of the integrity of the 
message at the receiving station. 

20 There is still further provided for the memory means to be a SIM card or to be an 
Integrated Circuit (IC) memory chip or a microprocessor. 

Further features of the invention provide for an encryption algorithm to be stored on the 
memory means; and for copies of the encryption algorithm and the encryption key to be 
25 stored at the switch or the financial institution. 

The invention extends to a mobile telephone having input means for inputting transaction 
information and for selecting a financial transaction from a number of available financial 
transactions; 

30 memory means for storing at least an encryption key; 
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generating means for generating an at least partially encrypted transaction message from 
the transaction information, information relating to the selected financial transaction and 
the encryption key; and 

transmission means for transmitting the message over a wireless network. 

5 

There is provided for the memory means to be a SIM card; alternatively, for the memory 
means to be an Integrated Circuit (IC) memory chip or a microprocessor. 

There is provided for at least some of the transaction information, such as a bank account 
1 0 number or a bank card number, to be stored on the memory means. 

There is provided for an encryption algorithm to be stored in the memory means and for 
the encryption algorithm to generate a new encryption key for each new encryption 
message generated. 

15 

A further feature of the invention provides for error check information to be transmitted 
with the message. The error check information facilitates the validation of the integrity 
of a transaction message received by a receiving station and also facilitates the 
authentication of the mobile phone or SIM card from which-the message is received at the 
20 receiving station. 

Further features of the invention provide for the receiving station to be a switch or a 
financial institution; and 

for the financial institution or switch to effect a financial transaction in response to 
25 receiving the message. 

These and other features of the invention are described in more detail below. 
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Brief Description of the Drawing 

A preferred method and embodiment of the invention is described below by way of 
example only, and with reference to the accompanying drawing, which shows a 
schematic block diagram of a method of and apparatus for conducting electronic 
5 transactions. 

Best Mode of Carrying out the Invention 

With reference to the accompanying drawing, a method for conducting an electronic 
transaction is shown schematically, and apparatus for use in the method are generally 
10 indicated by reference numeral 10. 

The method utilises and includes the following apparatus: a switch 12 which houses a 
secure translator 14, a point of sale (POS) terminal 16, a mobile telephone such as a 
cellular telephone 18, a financial institution 20 and at least one content provider 22. 

15 

The switch 12 is connected to at least one cellular telephone 18 via a cellular telephone 
network and is further connected by means of a fixed land-based communication line to 
at least one financial institution 20 and at least one POS terminal 16. 

20 The content providers 22 subscribe to the services of the switch 12, which provides a user 
of a cellular telephone 18 with the means to conduct a secure electronic transaction 
between a content provider 22 and a financial institution 20. The switch 12 has the 
facility to receive transaction messages transmitted over a cellular telephone network by a 
cellular telephone 18 and forward the messages to a financial institution 20 with the 

25 instructions necessary to effect a transaction involving a particular content provider 22 in 
accordance with the transaction message. Furthermore, a transaction message received 
by the switch 12 contains encrypted information which is translated, by the translator 14, 
into an encryption format that the financial institution 20 will have the means to interpret. 
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A SIM card of the cellular telephone 18 has an initial encryption key and an encryption 
algorithm stored thereon as described below. A unique initial encryption key is generated 
by the switch 12 to be associated with a specific SIM card during the manufacture of the 
SIM cards. Transportation of a database of initial encryption keys to a manufacturer of 
5 the SIM cards takes place in at least to distinct separate paths. Each initial encryption key 
is divided into at least two parts so that each part of an initial encryption key is rendered 
useless by itself. These divided parts are then transported via the two paths so that the 
transportation from the switch to the manufacturer of the initial encryption keys is secure. 
The initial encryption keys are reassembled on arrival at the manufacturer of the SIM 
10 cards where a particular initial encryption key is stored on a secure zone of a particular 
SIM card during the manufacturing process. A database of initial encryption keys and 
corresponding SIM identities is stored securely within translator 14 resident at the switch 
12. 

15 In addition to the installation of the initial encryption key on a SIM card an encryption 
algorithm is also stored on the SIM cards. The encryption algorithm is used to encrypt 
transaction messages with the use of encryption keys. Transaction messages are 
transmitted from the cellular telephone 18 and consist of a bank account number or bank 
card number and an associated PIN (referred to in this specification as the "transaction 

20 information") and information relating to a selected transaction from a number of 
available choices. A menu of available choices may be displayed on a screen of the 
cellular telephone 18 or may be made available in any convenient manner such as in 
printed format. The transaction message is generated by a generating means in the 
mobile telephone. The generating means can be software stored in the memory means or 

25 can be dedicated hardware for generating transaction messages or a combination of both. 

Once a customer has purchased a SIM card for use in a cellular telephone, a registration 
process is required in order to initialize a secure transaction facility. The registration 
process involves storing a user's banking details such as the user's bank account or bank 
30 card number on a secure zone of the SIM card. It is envisaged that this will take place at 
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the POS terminal 16. Customers swipe the bank card through a magnetic strip reader at 
the POS terminal 16 thereby enabling the POS terminal 16 to access their banking details. 
The POS terminal 1 6 then stores the banking details in a secure zone on the SIM card. A 
request for the registration of this particular SIM card identity within the system is 
5 transmitted to the switch 12 from the POS terminal 16. It will be appreciated that the 
banking details of a user can be transmitted for storage on the SIM card over a cellular 
network or can be stored on the SIM card by inserting the SIM card into a writer at the 
POS terminal 16. 

10 On receipt of the registration request message, the switch 12 validates the integrity of the 
information received using error check information that authenticates the POS terminal 
16 and SIM card before returning a response message that is encrypted using the same 
initial encryption key. The error check information is transmitted with all messages that 
are transmitted in the system. The error check information allows for checking of both 

1 5 the validity of the source of a message and the correctness of a received message. 

The SIM card now validates the accuracy of the response message from the switch 12. 
Both the switch 12 and SIM card, using information from both the request and response 
messages, update the initial encryption key using the encryption algorithm for use in the 
20 next transaction. Using an algorithm common to the SIM card and the switch, a new 
encryption key is derived for each new message in the system. An encryption technique 
such as this will ensure a different encryption key for each transaction message of each 
individual cellular telephone. 

25 After registration, the cellular telephone provides a user interface that enables the user to 
select from a menu of financial transactions. This functionality, i.e. the structure and 
content of the menu, is provided in the cellular telephone firmware, using a SIM toolkit, a 
Wireless Application Protocol (WAP) interface or a means provided in another format 
such as printed hardcopy format as described above. A hardcopy menu will have 

30 numbers corresponding to available financial transactions for keying the numbers into the 
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input means or keypad of the mobile telephone. It will be appreciated that the input 
means can be electronic input means as opposed to being a keypad. 

The user is prompted to select a transaction as well as a bank account or card from their 
5 banking profiles. As with transactions initiated at an Automatic Teller Machine (ATM) 
terminal, a bank Personal Identification Number (PIN) is requested from user to authorise 
the transaction. Once the transaction information has been obtained from the user, a 
transaction message is generated and transmitted via a cellular network to the switch 12. 
The transaction message comprises an encrypted bank PIN, which is a product of the 
0 newly generated encryption key, information relating to the selected transaction as well 
as transaction information together with error check information. 

In this embodiment, the transport mechanism for the transaction message is a Short 
Message Service (SMS). On receiving the transaction message the switch 12 validates 
5 the accuracy of the transaction message by utilising the error check information and 
relays the instruction to the appropriate content provider 22 and/or financial institution 
20. Information of a financial settlement is forward to a financial institution 20 after 
translation thereof by the translator 14 to an encrypted message with an encryption key 
that it has in common with the financial institution. All transaction messages are sent and 
forwarded together with error check information to ensure successful and accurate 
transmission and receipt. 

The method of conducting electronic transactions described herein is a secure method in 
that at least part of the information transmitted from the mobile telephone 1 8 is encrypted 
and cannot be read if it is fraudulently intercepted. The translator used at the switch 12 is 
secure in that the translation process cannot be accessed or read and the translator itself 
cannot be opened to access the information therein. A translator as is known in the art is 
used. Such a translator will erase all information if it is tampered with and no electronic 
access to the translation process from outside such a translator is possible. 



nrrti ftooA 1 I » 



WO 00/31699 PCT/1B99/01844 

y 

The information transmitted from the switch to a financial institution or to a content 
provider is also encrypted and can not be understood if intercepted. 

The transaction method is secure and customers using a mobile telephone can pay any 
5 third party accounts from their mobile telephones. Third party accounts do not have to be 
linked to a customer's banking profile to transfer funds to these accounts. Third parties 
subscribe to the services of the switch 12 and do not have to be linked to a financial 
institution. 

10 The invention is not limited to the precise details as described herein. For example, 
instead of the switch 12 being in fixed land-based communication with a financial 
institution 20 or content provider 22, the switch 12 can be in wireless communication 
with a financial institution 20 or content provider 22. Also, the memory means can be an 
integrated circuit memory chip or a microprocessor having embedded memory instead of 

15 being a SIM card. The mobile phone used can be a cell phone as is known in the art or 
can be a satellite telephone any other portable device capable of accessing a wireless 
communication network. It is also unnecessary to store bank account numbers or bank 
card numbers on the memory means of the mobile telephone. These may be manually 
entered using the input means of a mobile terminal or keypad of a mobile telephone. 
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CLAIMS 

1 . A method of conducting electronic transactions comprising the steps of: storing an 
encryption key in a memory means of a mobile telephone; selecting a financial 
transaction with the mobile telephone from a number of available financial 
transactions; providing transaction information; generating a transaction message 
from the selected financial transaction and transaction information; encrypting at least 
part of the transaction message; transmitting the transaction message from the mobile 
telephone, over a wireless network. 

2. A method as claimed in claim 1 in which the transaction message is transmitted from 
the mobile telephone to a receiving station. 

3. A method as claimed in claim 2 in which the receiving station is a bank. 

4. A method as claimed in claim 2 in which the receiving station is a switch. 

5. A method as claimed in any one of the preceding claims in which the mobile 
telephone is a cellular telephone or a satellite telephone. 

6. A method as claimed in any one of the preceding claims in which the transaction 
information includes at least a PIN. 

7. A method as claimed in claim any one of claims 1 to 5 in which the transaction 
information includes at least one bank account number or bank card number. 

8. A method as claimed in claim 7 wherein the bank card number or the bank account 
number is stored in the memory means. 
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9. A method as claimed in any one of the preceding claims in which the transaction 
message includes information relating to the selected transaction, a bank account 
number and a PIN. 

5 10. A method as claimed in any one of claims 1 to 7 in which the transaction message 
includes information relating to the selected transaction, a bank card number and a 
PIN. 

11. A method as claimed in claim 8 or 9 in which at least the PIN is encrypted before 
1 0 transmission of the transaction message. 

12. A method as claimed in any one of the preceding claims in which the transaction 
message includes error check information to facilitate the validation of the integrity of 
the transmitted message and to facilitate the authentication of the source from which 

1 5 the message is transmitted. 

13. A method as claimed in any one of the preceding claims in which the memory means 
is a SIM card. 

20 14. A method as claimed in any one of claims 1 to 12 in which the memory means is an 
Integrated Circuit (IC) memory chip. 

15. A method as claimed in any one of claims 1 to 12 in which the memory means is a 
microprocessor. 

25 

16. A method as claimed in any one of the preceding claims in which an encryption 
algorithm is stored on the memory means. 

17. A method as claimed in claim 16 in which copies of the encryption algorithm and the 
30 encryption key are stored at the switch. 
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18. A method as claimed in claim 16 in which copies of the encryption algorithm and the 
encryption key are stored at the financial institution. 

5 19. A mobile telephone having input means for inputting transaction information and for 
selecting a financial transaction from a number of available financial transactions; 
memory means for storing at least an encryption key; generating means for generating 
an at least partially encrypted transaction message from the transaction information, 
information relating to the selected financial transaction and the encryption key; and 

0 transmission means for transmitting the message over a wireless network. 

20. A mobile telephone as claimed in claim 19 in which the memory means is a SIM 
card. 

5 21. A mobile telephone as claimed in claim 19 in which the memory means is an 
Integrated Circuit (IC) memory chip. 

22. A mobile telephone as claimed in claim 19 in which the memory means is a 
microprocessor. 

23. A mobile telephone as claimed in any one of claim 19 to 22 in which an encryption 
algorithm is stored in the memory means. 

24. A mobile telephone as claimed in claim 23 in which the encryption algorithm 
generates a new encryption key for each new financial transaction selected and 
subsequent transaction message generated. 

25. A mobile telephone as claimed in any one of claim 19 to 23 in which error check 
information is transmitted with the transaction message. 
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26. A mobile telephone as claimed in claim 25 in which the error check information 
facilitates the authentication of the mobile telephone or SIM card and facilitates the 
validation of the integrity of the transaction message. 

5 27. A mobile telephone as claimed in any one of claims 19 to 26 wherein the mobile 
phone transmits a transaction message to a receiving station. 

28. A mobile phone as claimed in any one of claims 18 to 26 wherein the mobile 
telephone transmits a transaction message to a financial institution. 

10 

29. A mobile telephone as claimed in claim 27 in which the telephone transmits a 
transaction message to a switch or to a financial institution acting as a receiving 
station. 

15 30. A mobile telephone as claimed in claim 19 in which transaction information including 
a bank account number or bank card number but excluding a PIN is stored in the 
memory means. 
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